Todoist
Advisory. Audited by static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone or any process that can read that token can use it, through this CLI or against the Todoist API directly, to read and modify whatever Todoist data the token permits.
The skill requires a Todoist API token and passes it to the Todoist CLI. This is expected for the integration, but the token is a bearer credential for the account, not something bound to this CLI.
requires:
  bins: ["todoist"]
  env: ["TODOIST_API_TOKEN"]
...
todoist auth <your-token>
# or
export TODOIST_API_TOKEN="your-token"
Use only a Todoist token you intend to grant to this CLI, store it securely, and revoke it from Todoist settings if you stop using the skill.
The agent could make real changes to your Todoist tasks when you ask it to manage them.
The documented CLI commands can change Todoist account state, including deleting a task. These operations match the skill purpose but are still user-impacting actions.
todoist done <id>                    # Complete task
todoist reopen <id>                  # Reopen completed task
todoist update <id> --due "next week"
todoist move <id> -p "Personal"
todoist delete <id>
Review task IDs and wording before allowing completion, update, move, or delete actions, especially for ambiguous task names.
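The two mitigations above (keep the token out of places other users or processes can read, and review state-changing commands before they run) can be enforced in one small wrapper around the CLI. The script below is an added example written for this advisory; it is not part of the skill or of todoist-ts-cli. The file name todoist-guard.sh, the variables TODOIST_TOKEN_FILE and TODOIST_BIN, and the default token path ~/.config/todoist/token are assumptions of the example. It relies only on the env var and subcommands the skill documents.

```sh
#!/bin/sh
# todoist-guard.sh: hypothetical wrapper around the todoist CLI (added example,
# not part of the skill or of todoist-ts-cli). It reads TODOIST_API_TOKEN from
# a file that must be readable only by its owner, and asks for confirmation
# before any subcommand the skill documents as changing account state.
#
# Assumed names: TODOIST_TOKEN_FILE (where the token lives; default
# ~/.config/todoist/token) and TODOIST_BIN (the CLI to run; default "todoist").

# Subcommands listed by the skill as changing Todoist state.
MUTATING_CMDS="done reopen update move delete"

# check_token_file FILE: succeed only if FILE is a regular file with mode
# 0600 or 0400. Uses the ls -l mode string so it works on GNU and BSD alike.
check_token_file() {
    f=$1
    [ -f "$f" ] || { echo "token file missing: $f" >&2; return 1; }
    mode=$(ls -ld "$f" | cut -c2-10)
    case $mode in
        rw-------|r--------) return 0 ;;
        *) echo "token file $f has mode $mode; run: chmod 600 $f" >&2; return 1 ;;
    esac
}

# load_token FILE: print the first line of FILE after checking its mode.
load_token() {
    check_token_file "$1" || return 1
    tok=$(head -n 1 "$1")
    [ -n "$tok" ] || { echo "token file $1 is empty" >&2; return 1; }
    printf '%s\n' "$tok"
}

# classify_cmd SUBCMD: print "mutating" for state-changing subcommands and
# "other" for everything else. "other" is assumed read-only; extend
# MUTATING_CMDS if the CLI gains more writing commands.
classify_cmd() {
    case " $MUTATING_CMDS " in
        *" $1 "*) echo mutating ;;
        *) echo other ;;
    esac
}

# confirm_mutation ARGS...: show the exact command and require a literal "yes"
# on stdin, so the task ID and wording get a human look before anything changes.
confirm_mutation() {
    printf 'About to run: todoist %s\nType yes to continue: ' "$*" >&2
    read -r answer
    [ "$answer" = "yes" ]
}

# guarded_todoist ARGS...: entry point. Exports the token to this process tree
# only, gates mutating subcommands, then runs the real CLI with the same args.
guarded_todoist() {
    token_file=${TODOIST_TOKEN_FILE:-"$HOME/.config/todoist/token"}
    TODOIST_API_TOKEN=$(load_token "$token_file") || return 1
    export TODOIST_API_TOKEN
    if [ "$(classify_cmd "$1")" = mutating ]; then
        confirm_mutation "$@" || { echo "aborted, nothing changed" >&2; return 1; }
    fi
    "${TODOIST_BIN:-todoist}" "$@"
}
```

Usage: `. ./todoist-guard.sh && guarded_todoist delete 123` prompts before the delete, while `guarded_todoist done 123` prompts before completing the task. Passing the token through the file and the environment also keeps it off the command line, where the documented `todoist auth <your-token>` form leaves it in shell history and visible to other local users via `ps` while it runs.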
The installed CLI package is what will handle your Todoist token and commands.
The skill instructs users to globally install an external npm package using a semver range. This is purpose-aligned for a CLI skill, but users rely on that package's provenance, and a caret range such as ^0.2.0 resolves to the newest 0.2.x available at install time, so a later publish changes what handles the token without any change to the skill itself.
npm install -g todoist-ts-cli@^0.2.0
Install the CLI from a trusted npm source, consider pinning an exact reviewed version, and keep it updated intentionally.
